Authentication means that you can now protect the web-enabled functions of your Arduino with a username and password.

There is at least one other version of Webduino supporting authentication, written by Claudio Baldazzi. It’s in this post on the original Google Project site of Webduino, with an example here. When I started working on improvements of the Webduino, plus new features for my own use, I considered using Claudio’s version but decided against it for the following reason:

With the Claudio’s version all pages of the Arduino would be protected by the same username and password. However I wanted a way to distinguish different user levels. E.g. Person A should be allowed to see on the web whether the lights are on or off, but only Person B is allowed to flick the switch.

Here’s how I did it.

The WebServer class now has two new methods: httpUnauthorized() sends error 401 back to the client, which in the case of a regular web browser causes the user to see a prompt for username and password. checkCredentials() checks whether a username and password have been sent with the request and whether they are valid, i.e. they have certain values. In a Webduino command function you should first run checkCredentials() and depending on the return value either run your “protected” code, like turning on the lights, or fire httpUnauthorized(). See the methods’ subpages of the API documentation for example code.

Links

Recent Posts

This blog is about Information Technology (technical) issues, tips and tricks I find worth sharing with the world. It’s also the home base for all of my open source projects. If you want to support me financially, please go to the Donations page. For moral support please leave a comment, or follow me on Twitter or Facebook: